As many as 70% of websites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists. Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases and also allow hackers to perform illegal activities using the compromised site.

Web application attacks, launched on port 80/443, go straight through the firewall, past the operating system and network level security, and right into the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers.

In-depth checking for SQL Injection and Cross-Site Scripting (XSS) Vulnerabilities
Acunetix WVS checks for all web vulnerabilities including SQL injection, Cross-Site Scripting
and many others. SQL injection is a hacking technique which modifies SQL queries in
order to gain access to data in the database. Cross-Site Scripting attacks allow a hacker
to execute a malicious script on your visitor’s browser. Paramount to web vulnerability
scanning is not the number of attacks that a scanner can detect, but the complexity and
thoroughness with which the scanner launches them. Acunetix sophisticated scanning
engine guarantees the highest rate of vulnerability detection including DOM-based XSS
vulnerabilities.

Innovative AcuSensor Technology Guarantees Low False Positives
Acunetix includes unique AcuSensor Technology that analyzes code as it gets executed,
resulting in higher detection rate, and importantly elimination of false positives.
Furthermore, AcuSensor technology is able to indicate where the vulnerability is in the
code and report debug information. AcuSensor not only finds more vulnerabilities, but
will save valuable time for your security and development teams.

DeepScan Technology Scans Most Content
Acunetix DeepScan Technology, which includes the state-of-the-art CSA (Client Script
Analyzer) Engine, crawls and scans the latest HTML5 and dynamic JavaScript web content.
By being able to find the largest amount of web content and understand it (including
Single Page Application sites) Acunetix can detect the highest number of vulnerabilities.

Scan AJAX and Web 2.0 Technologies for Vulnerabilities
The CSA Engine allows you to comprehensively scan the latest and most complex
AJAX / Web 2.0 web applications. Acunetix WVS understands SOAP and XML, tests for
vulnerabilities in AJAX and JSON request data, as well as web applications developed
using Google Web Toolkit.

Test Password Protected Areas and Web Forms with Automatic Form Filler
Acunetix is able to automatically fill in web forms and authenticate against web logins.
Most web vulnerability scanners are unable to do this or require complex scripting to test
such pages. Not so with Acunetix: Using the macro recording tool Login Sequence Recorder, you can record a login sequence, form filling process or a specific crawling sequence.
The scanner will replay this sequence during the scan process, fill in web forms and log
on to password protected areas automatically.

Auto-Configuration of Web Application Firewall
Acunetix WVS can automatically create the appropriate Web Application Firewall rules
to protect web applications against attacks targeting vulnerabilities that Acunetix finds.
This allows you to continue using your web application in a secure manner until you
are able to fix the vulnerabilities at code level.

Advanced Network Level Scanning
Part of a Website audit is a network level audit against any operating system
vulnerabilities. An online scanning engine integrates the popular OpenVAS scanner
to identify the highest number of network level vulnerabilities. Acunetix will test for
weak passwords, insecure web server configuration, directories with weak permissions,
DNS server vulnerabilities, FTP access tests, badly configured Proxy Servers, weak SSL
ciphers, and many other sophisticated security checks!

WordPress Vulnerability Scanning
Acunetix identifies WordPress installations and will launch WordPress specific security
checks to ensure your website is secure including detection of vulnerable plugins and
themes, weak passwords, mal configuration of WordPress (username enumeration, WP
config backup files), Malware disguised as plugins and old versions of plugins. Similar
checks are also performed on other Content Management Systems such as Joomla and
Drupal.

About

Security Matterz is a specialist IT Security organization, which has its international headquarters in London United Kingdom. It also has branch offices throughout the Middle East with its premier office in Riyadh Saudi Arabia. Innovative and professional in its approach, it always partners best-in-class products and services, to identify and solve security threats and issues for its clients.